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A method for secured access to data in a network 
with an information center (3) and a plurality of 
data area, access systems (1, 2), in which method an 
owner of rights to data to be stored can alone 
allow the storing of these data and define the 
access rights of third parties to these data at the 
information center (3) , 
wherein 

- the data are in each case stored only once in 
one of the data area access systems (1/ 2) not 
accessible to the owner of the rights, 

- the information center (3) registers the 
presence of data of a certain type in each data 
area access system (1), after which the owner of 
the rights to the stored data can define at the 
information center (3) access rights of third 
parties to the data, 

- after a request of a requesting data area 
access system (2) for data of a certain type, the 
information center (3) transmits a list of the 
data present of this certain type, specifying the 
data area access system (1) respectively storing 
these data, to the requesting data area access 
system (2) for which the access rights of the 
requesting data area access system (2) correspond 
to the access rights defined at the information 
center (3) for these data, and 

- the data of the certain type' are transmitted 
directly by the data area acfcess system (1) 
storing these data to the requesting data area 
access system (2) only if the data area access 
system (1) storing these data has received a 
confirmation from the information center (3) . 

The method as claimed in claim 1, wherein an 
authorization of the storage of data and of the 
definition of the access rights of third parties to 


the data takes place by means of an identity check 
of the owner of the rights to the data. 

The method as claimed in claim 1 or 2, wherein data 
to be stored are stored in the data area access 
system (1) together with an electronic form, which 
contains the type of the data. 

The method as claimed in one of claims 1 to 3, 
wherein a data area access system (1) storing data 
responds to a request for certain data of a certain 
type by a requesting data area access system (2) by 
verifying the access rights through an inquiry to 
the information center (3) as to whether the 
requesting data area access system has access 
rights to the certain data of a certain type. 

The method as claimed in one of claims 1 to 4, 
wherein a data area access system (2) receiving 
certain data of a certain type allows access to the 
received data only directly after a respective 
reception of the data. 

The method as claimed in one of claims 1 to 5, 
wherein a data area access system (2) itself 
storing certain data of a certain type grants 
access to the certain data of a certain type only 
if a positive verification has taken place through 
an inquiry to the information center (3) as to 
whether the data area access system (1) itself 
storing the certain data of a certain, type can show 
access rights for the certain data of a certain 
type. 

The method as claimed in one of claims 1 to 6, 
wherein the information center (3) is notified by a 
data area access system (1) having new data about 
the presence of new data of a certain type, 
whereupon the information center (3) sends a 


notifying confirmation to the data area access 
system (1) concerned. 

The method as claimed in one of claims 1 to 7, 
wherein the data are identified on the basis of an 
identification which is allocated as a unique 
identification by the information center (3) and is 
transmitted by the information center (3) after a 
registration of new data to the data area access 
system (1) storing these data f in order for this 
system to append the respective identification to 
the respective data. 

The method as claimed in one of claims 1 to 8, 
wherein, after an inquiry for data of a certain 
type by a data area access system (2), the 
information center (3) prepares a list of all the 
data present of this certain type before it 
verifies the access rights to the data of the 
certain type, in order to transmit the list of data 
present of this certain type, specifying the data 
area access system (1) respectively storing these 
data, to the requesting data area access system (2) 
for which the requesting data area access system 
(2) can show the access rights. 

The method as claimed in one of claims 1 to 9, 
wherein, when data access is desired by a data area 
access system (1) to data of a certain type, 
firstly a request for such data of .the certain type 
is sent to the information center C3) . 

The method as claimed in one of claims 1 to 10, 
wherein, when data transmission is desired from a 
data area access system (1) storing data to a 
requesting data area access system (2) , firstly a 
request for certain data of a certain type is sent 
by the latter system to the data area access system 
(1) storing these certain data of a certain type. 
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12. The method as claimed in one of claims 1 to 11 , 
wherein the data in a data area access system (1, 
2) are stored in a secure data memory, no direct 
access being possible to the data stored therein. 

13. The method as claimed in one of claims 1 to 12, 
wherein the type of the data is determined by their 
content and/or the owner of the rights to the data. 


14. The method as claimed in one of claims 1 to 13, 
wherein the access rights to stored data can be 
defined by the owner of the rights to the data at 
5 an y P°i n t i n time after their registration at the 

■Cj 15 information center (3) and, after that, can be 

O changed again as desired by a re-definition by the 

J~ owner of the rights to the data. 

u 15. The method as claimed in one of claims 1 to 14, 

20 wherein the access rights to stored data can be 

fy granted by the owner of the rights to the data when 

" they are stored in a data area access system (1, 

O 2) . 

25 16. The method as claimed in one of claims 1 to 15, 
wherein the communication between a data area 
access system (1, 2) and the information center (3) 
or another data area access system (2, 1) takes 
place in encrypted form. 

30 

17. The method as claimed in claim ,16, wherein the 
sender provides the information sent by him with a 
digital signature by means of a secret signature 
code, whereby the recipient can verify the sent 
35 information by means of an associated public 

signature code . 


18. The method as claimed in claim 16 or 17, wherein 
the sender encodes all transmitted data by means of 
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a public encryption code issued by the recipient/ 
whereby only the recipient can decode the 
transmitted data by means of a secret encryption 
code . 

The method as claimed in one of claims 16 to 18 , 
wherein not only each data area access system (1, 
2) and the information center (3) but also each 
participant has a secret signature code and a 
secret encryption code and a public signature code 
and a public encryption code. 

The method as claimed in claim 19 f wherein the 
secret signature codes and encryption codes and/or 
public signature codes and encryption codes of a 
participant are stored on a data carrier, such as 
for example a smart card. 

The method as claimed in one of claims 1 to 20, 
wherein a participant accessing the network must 
authorize himself and his identity is verified by 
the information center. 

The method as claimed in claim 21 , wherein the 
identity of a participant is stored on a data 
carrier, such as for example a smart card. 

The method as claimed in one of claims 1 to 22, 
wherein the permission for storing the data is 
given by the owner of the rights to the data at the 
latest when the data are registered at the 
information center (3) , the information center (3) 
not allowing any subsequent data access to these 
data without correct authorization. 

The method as claimed in at least one of the 
preceding claims, wherein, when the data are 
transmitted, the appropriation specified by the 
owner of the access rights for the transmission of 


these data in the original data context is 
transmitted together with these data in the form of 
an electronic watermark and these data are 
additionally marked visibly as an appropriated copy 
of the original data. 


